Android and iPhone virtualization created by AT&T, no contract required.

AT&T says it has the answer for corporations that want to let employees access work applications from personal phones without becoming a security threat. A new virtualization-style technology that works on both Android and iPhones creates a work container that is isolated from an employee's personal applications and data, letting IT shops manage just the portion of the phone related to work.

This isn't a new idea. ARM is talking about adding virtualization into the smartphone chip layer. VMware has been promising to virtualize smartphones for some time. What is notable about AT&T's technology is its flexibility. VMware's technology hasn't hit end users yet, largely because it must be pre-installed by phone manufacturers, limiting it to carriers and device makers that want to install it on their hardware.

AT&T's "Toggle" technology, meanwhile, works with any Android device from versions 2.2 to 3.x, as well as iPhones, and can be installed after a user buys the device. Moreover, the technology is somewhat separate from AT&T's cellular division and can be used with any carrier.

AT&T Toggle launched in a trial run last fall on Android. Version 2.0, which supports both Android and iPhone (as well as tablets running Android or iOS), was announced this week. Version 2.0 is in trials with some corporate customers and will be generally available in about a month, AT&T said. While Android and iPhone are the initially supported platforms, BlackBerry and Windows Phone are reportedly coming later this year.

Toggle beats VMware to market with more flexible approach

Toggle, as we alluded to, is similar to VMware's Horizon Mobile for Android phones, which we wrote about last September. Both create a work partition on a smartphone that can house an employee's business e-mail and applications, while being walled off from the user's personal e-mail and applications. Samsung, LG, and Verizon are partnering with VMware to bring Horizon Mobile technology to Android devices, but no specific rollouts have been announced.

Like VMware's software, Toggle lets a user enter the work side of their phone by clicking an application icon. In addition to work-specific e-mail and text messaging, business applications can be delivered through private, corporate app stores that AT&T will help customers set up. Document attachments are encrypted, and the Toggle work partition has its own secure Web browser. Data is pushed from company applications to phones over SSL, and administrators can view all the details of devices connecting to the network and enforce permissions, set policies at a company-wide or group level, and perform a screen lock or remote wipe on the work partition.

While VMware uses virtualization to build a guest operating system on top of the phone's host operating system, AT&T built its own partitioning software without deep hooks into the operating system, making it capable of being installed by corporations and users on all sorts of phones. That's why AT&T was able to get to market faster than VMware, AT&T's Mobeen Khan, executive director of mobility marketing, told us. "This is almost at an application layer," Khan said. "There are no hooks into the operating system."

The product is being offered through AT&T's business division rather than its cellular division. As a result, the software can be installed on phones provided by any carrier.

Security comes first

Whether AT&T's method of isolating work and personal partitions is more or less secure than VMware's is hard to say, as VMware's product has only been shown in demos. We've asked VMware for release date information and clarification about what issues—security or otherwise—have prevented a more timely release. We'll update if we receive feedback. AT&T's Khan notes that "you cannot talk about security on absolute terms," but says Toggle's software container is designed to "protect all data and applications inside the container."

SSL encryption is supported for the work partition, and IT administrators can apply the usual password protection policies and other security requirements on the phone's work partition. If a phone were to be compromised, the IT department could wipe the work portion remotely, leaving the employee's personal data and applications intact. The IT shop can also determine what level of interaction the work and personal partitions may have, like whether calendars can be mixed and whether notifications can flow from the personal space to the work space or vice versa. IT administrators can also set policies on what applications users may download from a company's private app store, restricting employees to only the applications they need to do their jobs.

VMware has promised that its virtualized phones will have two phone numbers, one for work and one for personal calls, with users being able to take calls from either regardless of which partition they're in. AT&T's Toggle supports just one number for the moment, but Khan says "later in the year we will be announcing dual phone numbers, one phone number associated with the work container and another that's your personal phone. The idea behind this is you as an employee bringing your own device to do work don't want to pay for whatever usage is on the work side of the container."

Toggle also comes with antimalware software from Juniper that can scan both the work and personal parts of a phone. If a virus is spotted on a phone, an IT shop might choose to remotely wipe the work partition, or at least notify the user that something is amiss.

Toggle is mostly targeted at employees bringing their own phones to work, although it could theoretically be installed on employer-purchased devices as well. A corporation must pay $750 for configuration and training to get started, plus $6.50 per device per month, with a minimum of 20 licenses per order. Ongoing support costs another $1.50 or $2.50 per device per month.

From the user's perspective, AT&T says it should be easy. Employees don't have to give up their phones for an hours-long setup process. They just enter the Toggle portal with a login and password supplied by their employer, and download the appropriate software.

"The key value to the employee," Khan said, "is that they can bring their own device. Anything that is on the personal side is totally isolated from the IT administrator," with the exception of the malware tracking.

Many employers today still block access from personal devices, even for applications as ubiquitous as e-mail. But the comfort level IT shops have with personal devices is increasing. While AT&T can be congratulated for getting Toggle to market relatively quickly and in a cross-platform and cross-carrier manner, this type of technology could well become the standard rather than the exception over time.

Promoted Comments

My company only buys phones for people above a certain level, and depends on frustration at inconvenience coercing everyone else to use their personal device at least for business calls (which they will reimburse you for).

It has ended up being a bit hilarious for me, as I don't want a cell phone and don't have one. Most of my team members would very much like me to have one, along with my functional management, but the company will not give me one. I have run ins with our corporate travel and other groups who insist I have to have my cell number on file with them, and are aghast when I tell them no.

On the other hand, I recently got a personally owned iPad, which I began taking to work and hooked into our Exchange email system, as it let me at least deal with email issues during meetings. This required allowing a config profile to be forced onto my machine which allows them a lot of control they shouldn't have, forced passcode for unlock, app rejection, remote wipe and such, but they "promise" these are used judiciously so I had been letting it slide.

However, they are now requiring installation of an MDM app called MobileIron which along with all the above issues, also prevents you from using iCloud for anything beyond photostream and music storage, thereby destroying some of the value to me of my personal device. So I am now forced to choose to remove the corporate hooks into it. It's ridiculously shortsighted, as the company basically loses a lot of the efficiency I had gained with mobile access to email and other documents.

I'll be interested to see if something like what ATT is offering above solves any of these issues.

Hell no. In a previous position, work wanted me to use my personal phone to do some work stuff (email, messages, etc).

I said hell no. Even though work would pay for 1/2 the monthly bill of my phone, I would also have had to forgo my right to own anything on my phone. My phone would basically be open for any kind of investigation as it is used for work related activities...

By definition, if it has no hooks into the OS itself, it will do a pretty crappy job at security. It will secure well behaved programs (but a normal OS should do that as well). But if a program is not well behaved (i.e. can exploit some OS ability to raise its privilege level), any user mode based security scheme will fall on its face.

I'd point you towards a company founded based on research I was involved with (I'm not involved with the company) that (in my biased opinion) does a better job - http://www.cellrox.com/

I'm very curious to see how this works on an iPhone. An iOS app should not be able to have hooks deep enough into the operating system to allow this.

Yeah, the article glosses over this point and it's probably the only really interesting part.

To the guy who suggests they jailbreak it: I highly, highly, highly doubt that. First of all, they'd quickly find they lost Apple as a partner, and it'd probably cause major legal hassles (breach of contract, etc).

Hell no. In a previous position, work wanted me to use my personal phone to do some work stuff (email, messages, etc).

I said hell no. Even though work would pay for 1/2 the monthly bill of my phone, I would also have had to forgo my right to own anything on my phone. My phone would basically be open for any kind of investigation as it is used for work related activities...

Nope, I know better than to use personal phones for work.

Same here. I would not use my personal phone for work. No way. Lucky for me my employer has no problems giving us iPhones and Blackberries.

This article is way too light on the details to really be worth posting. Maybe wait a bit until the details are answered and then write the article, as is often the case for many excellent Ars articles.

I'm very curious to see how this works on an iPhone. An iOS app should not be able to have hooks deep enough into the operating system to allow this.

The article plainly stated that it doesn't have deep hooks in the OS. What are you saying is not allowed?

Right. As noted in the article, AT&T calls the work partition a container that sits at the application level. This is what makes it possible to deploy across multiple operating systems. I'd also note that if you follow the link to the private app store article, I think we had some information on how the Apple developer programs let companies deploy custom applications to iPhones. That, for example, lets a company build a private app store for iPhone.

As for the phone numbers, it only supports one number as of now. They haven't released this with dual numbers yet.

It doesn't nullify the "security threat" that a phone can be, and Shannara pegged it dead on with the investigation issue. If I need to conduct that much business from my phone, then my employer can get me a phone just for that.

Has anyone really figured out the motivation behind bring YOUR phone to work? Is it strictly money? Or do they want to insure that any phone at work is under their (the employer's) control?

I don't get it. Just issue those cameraless Blackberries like the feds use. If your employee isn't on that cameraless Blackberry, the person is goofing off.

Hey, some people like to keep up on their work email! I pay for my own phone, which connects to work email. I guess some people are workaholics, or just obsessive? Anyway, if it's a choice between choosing my own device and using something I don't want to use, I'd rather have my own, and not carry two phones around.

For the employer, they obviously want to save money. It's probably cheaper to do this Toggle thing than actually give employees phones that might cost $200 a pop before you even get into monthly charges.

Has anyone really figured out the motivation behind bring YOUR phone to work? Is it strictly money? Or do they want to insure that any phone at work is under their (the employer's) control?

I don't get it. Just issue those cameraless Blackberries like the feds use. If your employee isn't on that cameraless Blackberry, the person is goofing off.

When I had to carry and charge two phones it was pretty annoying. Not carrying two phones is a pretty big incentive.

Of course you can't really use a corporate phone for your personal business, but if you have to surrender personal control of your phone to corporate policy, though, two phones looks better. This aims to help bridge the gap.

Has anyone really figured out the motivation behind bring YOUR phone to work? Is it strictly money? Or do they want to insure that any phone at work is under their (the employer's) control?

I don't get it. Just issue those cameraless Blackberries like the feds use. If your employee isn't on that cameraless Blackberry, the person is goofing off.

Hey, some people like to keep up on their work email! I pay for my own phone, which connects to work email. I guess some people are workaholics, or just obsessive? Anyway, if it's a choice between choosing my own device and using something I don't want to use, I'd rather have my own, and not carry two phones around.

For the employer, they obviously want to save money. It's probably cheaper to do this Toggle thing than actually give employees phones that might cost $200 a pop before you even get into monthly charges.

That's what you want. The trend in the private sector is that policies are changing so that personal phones that connect to the business servers are subjected to company control. In the end, you give up your rights to privacy (haha ... as an employee in the private sector, did you think you even have that to begin with?) for CONVENIENCE.

And to address questions about how this works on iPhone. AT&T and Apple have been in bed for a long while and I'm sure Apple is closely working with AT&T on this technology and have provided a way for AT&T to embed this directly into iOS.

Unless the business I work for is going to dish out half the expense for the cost of my personal device - it'll be a cold day in hell before I use my own equipment for company business. If something happens to said devices, are they going to cover the replacement cost?

My biggest glaring issue with this solution is that the secure storage layer is exposed at the user interface layer. As a user, I just want to use my phone and not worry about where stuff is stored. I have no problem with allowing my work to erase work email, call history and contacts. Fine. In today's day and age the user interface shouldn't care where the bits are stored and a user shouldn't have to be tech savvy enough to understand a secure partition from the rest of their phone. Sounds like a well intentioned solution that will sell well and use terribly. People will bitch about two sides of a phone being barely better than two physical phones until someone does the user interface correctly and makes the scenario a single seamless user experience.

On the other hand, I recently got a personally owned iPad, which I began taking to work and hooked into our Exchange email system, as it let me at least deal with email issues during meetings. This required allowing a config profile to be forced onto my machine which allows them a lot of control they shouldn't have

Sounds like they're properly protecting a valuable Company asset: Email.

My company uses Good for Enterprise, which AT&T's Toggle sounds a lot like. Everything is self contained in the app - you can't run any external applications with the data in the app. All data in the app is encrypted. The app won't run if you exceed the currently authorized OS version (they run about 48 hours after release for approval), nor will it run if you've jailbroken the phone. It also installs a profile that requires a passcode and a specific timer on screen lock.

I use it on my personally owned iPad mostly because it reduces the time I have to spend at work by about four hours a week. Not because I use it to work at home, but because I can get company business done while in meetings (which I'm in about 7 hours a day).

I consult at many Fortune 500 companies. Most seem to be obsessed with security concerns like this. A few (only two companies I have consulted with) are much more open about such things. It would be interesting to do a study on productivity between the two approaches. In my experiences, the companies that are more open are far more productive. There may be some risks but everything in business is a risk vs. reward calculation. In my experience, large companies have gone too far into locking things down.

Full disclosure: I carry a personal phone and a company provided phone. So I guess I have the ultimate in separation.

disclosure: I work for VMware. I worked in IT Operations and Security for 15 years before I came over to the software vendor side.

Some people and the companies they work for seem to be missing the boat on byod (bring your own device). Although it is not the best solution for all companies or people, the idea is pretty simple:

1. Saves the company money
2. Employees are generally happier to choose the device
3. This actually increases employee efficiency

In order to be successful at this, both the employee and the company need to understand and accept a few things:

1. The employee is "the customer" of IT
2. The iron fist of IT is no longer an option
3. IT must reasonably enforce security and manage risk

Based on what I have seen at some companies, IT is sometimes reluctant to relinquish control and tends to be pretty lousy at balancing business value with risk. As IT Managers begin to understand that customer service matters, and that aligning IT decisions with the business is mandatory, things will start to change.

My company uses Good for Enterprise, which AT&T's Toggle sounds a lot like. Everything is self contained in the app - you can't run any external applications with the data in the app. All data in the app is encrypted. The app won't run if you exceed the currently authorized OS version (they run about 48 hours after release for approval), nor will it run if you've jailbroken the phone. It also installs a profile that requires a passcode and a specific timer on screen lock.

How does it protect against being run in an emulated device? The app can be led to *think* all is good.

My company uses Good for Enterprise, which AT&T's Toggle sounds a lot like. Everything is self contained in the app - you can't run any external applications with the data in the app. All data in the app is encrypted. The app won't run if you exceed the currently authorized OS version (they run about 48 hours after release for approval), nor will it run if you've jailbroken the phone. It also installs a profile that requires a passcode and a specific timer on screen lock.

How does it protect against being run in an emulated device? The app can be led to *think* all is good.

No idea, but I would suspect it has to do with the profile loaded. The associated profile puts restrictions on the device that the OS has to respect. I would expect that Apple's OS can detect that it is on an emulator (or at least the one they provide, I'm not aware of any others).

I'm very curious to see how this works on an iPhone. An iOS app should not be able to have hooks deep enough into the operating system to allow this.

The article plainly stated that it doesn't have deep hooks in the OS. What are you saying is not allowed?

Right. As noted in the article, AT&T calls the work partition a container that sits at the application level. This is what makes it possible to deploy across multiple operating systems. I'd also note that if you follow the link to the private app store article, I think we had some information on how the Apple developer programs let companies deploy custom applications to iPhones. That, for example, lets a company build a private app store for iPhone.

As for the phone numbers, it only supports one number as of now. They haven't released this with dual numbers yet.

So how is this different from Good Messaging? On iOS and Android it functions as container for your corporate email, messaging, and contacts. The contents are encrypted, and IT's remote management is limited to locking and/or wiping just the contents of the application. All of the user's personal data stored outside of the container is left alone, for better or for worse.

It sounds like AT&T's solution is just this, with a bit more features (private app store).

My company uses Good for Enterprise, which AT&T's Toggle sounds a lot like. Everything is self contained in the app - you can't run any external applications with the data in the app. All data in the app is encrypted. The app won't run if you exceed the currently authorized OS version (they run about 48 hours after release for approval), nor will it run if you've jailbroken the phone. It also installs a profile that requires a passcode and a specific timer on screen lock.

I use it on my personally owned iPad mostly because it reduces the time I have to spend at work by about four hours a week. Not because I use it to work at home, but because I can get company business done while in meetings (which I'm in about 7 hours a day).

My company only buys phones for people above a certain level, and depends on frustration at inconvenience coercing everyone else to use their personal device at least for business calls (which they will reimburse you for)....snip ...

Brandon, if your corporation feels that it is that important that they need to get ahold of you after hours, then they can damn well afford to give you a cell phone.

Regarding YOUR ipad. Take it home do a system wipe and restore, and leave it home.

My company only buys phones for people above a certain level, and depends on frustration at inconvenience coercing everyone else to use their personal device at least for business calls (which they will reimburse you for)....snip ...

Brandon, if your corporation feels that it is that important that they need to get ahold of you after hours, then they can damn well afford to give you a cell phone.

Regarding YOUR ipad. Take it home do a system wipe and restore, and leave it home.

For me, it's sometimes worth being able to check email after hours that my own small personal investment is OK. The increase in productivity can be significant.

They don't express a need to get a hold of me after hours. It's more a matter of when I am away from my desk.

Also, I deal a lot with people in Asia, and will tend to answer emails in the early evening at home that pop up when I am using the ipad. Otherwise, I would not respond until the next morning at work (after the work day has ended in Asia). Same as neoscsi. So now they can go back to essentially waiting 24 hours for a response.

As for the extreme protectiveness over email, my employer is familiar to everyone here as the ringleader of copyright extension. They're pretty emphatic about information control.

It's definitely worth mentioning that AT&T Toggle is not a new product created by AT&T. All they've done is slapped a new brand name (and resale service fee) on Enterproid Divide. And while Enterproid is garnering interest as a startup for a few things they're doing a little differently, GOOD Technology (as has been mentioned) has been providing a very similar solution for the better part of a decade, before Android and iOS even came around. It's also important to note that this is NOT virtualization in any way. The Divide/Toggle/Good application runs natively on your OS, and that application offers many different features and tools all of which are locked down, bound to, and managed by your employer. When Toggle/Divide says you can download new business applications, that is NOT Android or iOS applications. They're talking about new (yet to be developed) plugin modules from 3rd parties that operate under their SDK and extend the functionality of their application.

edit: Oops, looks like this is a 2.0 version of Toggle, and AT&T has cast Enterproid aside for OpenPeak's Sector.

I'll just continue to carry a separate work phone that I can turn off when I'm not working. My employer doesn't need 24 access to me. My employer doesn't even have my cell number. I gave them a gVoice number which points at my work phone.

Employers getting into my personal phone, no thanks. If I need to be reached off hours for business purposes give me a phone. Bad idea, you really think they won't see that tweet or FB status update, or personal email you sent...or job interview request you replied to? Or be able to subpoena it in case of a work dispute/contract issue?

My personal phone is a Windows Phone which is far better than my company provided WinMo 6.5 source of frustration. When I'm up for a replacement I'll get a budget for a phone and can choose between iPhone, Android and WP7/8 but until that time arrives I use my personal phone for work email. I'm fine with that since the company is pretty loose with using personal devices for email but I have an agreement - on paper - that my personal phone will not be wiped. I simply refuse to use my current company phone for email. Even calling or texting is a chore.

It's amazing how many people apparently didn't read any of the article so they could spout off with their kernels of insight, "dang blab nabbit! They can issue me a phone blab dang nabbit not paying to use my personal phone for work blab nab dang nabbit!"

Every concern each of you raises is specifically addressed by the application talked about, aside from billing, which is addressed in the next version of the application. Please read the article again, more slowly, perhaps making an effort to absorb each individual sentence's meaning.